Termshark is a cross-platform terminal UI for tshark (part of Wireshark) that can intercept and analyze live interface traffic as well as read previously captured pcap files.
Termshark is a cross-platform terminal UI for tshark (part of Wireshark) that can intercept and analyze live interface traffic as well as read previously captured pcap files.
Termshark is included with and installed by default with Wireshark and will be useful if you're debugging on a remote machine with a large pcap and no desire to SCP it back to your desktop. Termshark also allows for the use of Wireshark's display filters.
Termshark Features:
Read pcap files or sniff live interfaces (where tshark is permitted).
Inspect each packet using familiar Wireshark-inspired views
Filter pcaps or live captures using Wireshark's display filters
Copy ranges of packets to the clipboard from the terminal
Written in Golang, compiles to a single executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, and Windows
Download